Snippets/AzureResources/azuredeploy.json
|
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "keyVaultName": { "type": "string", "minLength": 3, "maxLength": 24 }, "keyVaultSku": { "type": "string", "defaultValue": "standard", "allowedValues": [ "standard", "premium" ] }, "appInsightsName": { "type": "string" }, "appInsightsLocation": { "type": "string", "defaultValue": "australiaeast" }, "storageAccountName": { "type": "string", "minLength": 3, "maxLength": 24 }, "storageAccountSku": { "type": "string", "defaultValue": "Standard_LRS", "allowedValues": [ "Standard_LRS", "Standard_GRS", "Standard_RAGRS", "Standard_ZRS", "Premium_LRS", "Premium_ZRS", "Standard_GZRS", "Standard_RAGZRS" ] }, "functionAppName": { "type": "string" }, "webAppName": { "type": "string" }, "webAppSkuCode": { "type": "string" } }, "variables": { "appInsightsInstrumentationKeySecretName": "ApplicationInsights--InstrumentationKey", "storageAccountConnectionStringSecretName": "[concat(parameters('storageAccountName'), '-connectionstring')]", "functionAppManagedIdentityName": "[concat(parameters('functionAppName'), '-uami')]", "functionAppAppServicePlanName": "[concat(parameters('functionAppName'), '-asp')]", "webAppManagedIdentityName": "[concat(parameters('webAppName'), '-uami')]", "webAppAppServicePlanName": "[concat(parameters('webAppName'), '-asp')]" }, "resources": [ { "apiVersion": "2018-02-14", "type": "Microsoft.KeyVault/vaults", "name": "[parameters('keyVaultName')]", "location": "[resourceGroup().location]", "properties": { "enabledForDeployment": false, "enabledForTemplateDeployment": true, "enabledForDiskEncryption": false, "accessPolicies": [], "tenantId": "[subscription().tenantId]", "sku": { "name": "[parameters('keyVaultSku')]", "family": "A" }, "networkAcls": {} }, "tags": {}, "dependsOn": [] }, { "apiVersion": "2015-05-01", "type": "Microsoft.Insights/components", "name": "[parameters('appInsightsName')]", "location": "[parameters('appInsightsLocation')]", "kind": "web", "properties": { "Application_Type": "web", "Flow_Type": "Redfield", "Request_Source": "IbizaAIExtension" } }, { "apiVersion": "2018-02-14", "type": "Microsoft.KeyVault/vaults/secrets", "name": "[concat(parameters('keyVaultName'), '/' , variables('appInsightsInstrumentationKeySecretName'))]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", "[resourceId('Microsoft.Insights/components', parameters('appInsightsName'))]" ], "properties": { "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2015-05-01').InstrumentationKey]" } }, { "apiVersion": "2019-06-01", "type": "Microsoft.Storage/storageAccounts", "name": "[parameters('storageAccountName')]", "location": "[resourceGroup().location]", "properties": { "accessTier": "Hot", "supportsHttpsTrafficOnly": true }, "dependsOn": [], "sku": { "name": "[parameters('storageAccountSku')]" }, "kind": "StorageV2", "tags": {} }, { "apiVersion": "2018-02-14", "type": "Microsoft.KeyVault/vaults/secrets", "name": "[concat(parameters('keyVaultName'), '/' , variables('storageAccountConnectionStringSecretName'))]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]" ], "properties": { "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageAccountName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName')), '2019-06-01').keys[0].value,';EndpointSuffix=','core.windows.net')]" } }, { "apiVersion": "2018-11-30", "type": "Microsoft.ManagedIdentity/userAssignedIdentities", "name": "[variables('functionAppManagedIdentityName')]", "location": "[resourceGroup().location]", "properties": {} }, { "apiVersion": "2018-11-30", "type": "Microsoft.ManagedIdentity/userAssignedIdentities", "name": "[variables('webAppManagedIdentityName')]", "location": "[resourceGroup().location]", "properties": {} }, { "apiVersion": "2018-02-14", "type": "Microsoft.KeyVault/vaults/accessPolicies", "name": "[concat(parameters('keyVaultName'), '/add')]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('functionAppManagedIdentityName'))]", "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('webAppManagedIdentityName'))]" ], "properties": { "accessPolicies": [ { "tenantId": "[subscription().tenantId]", "objectId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('functionAppManagedIdentityName')), '2018-11-30').principalId]", "permissions": { "secrets": [ "get", "list" ] } }, { "tenantId": "[subscription().tenantId]", "objectId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('webAppManagedIdentityName')), '2018-11-30').principalId]", "permissions": { "secrets": [ "get", "list" ] } } ] } }, { "apiVersion": "2018-11-01", "name": "[variables('functionAppAppServicePlanName')]", "type": "Microsoft.Web/serverfarms", "location": "[resourceGroup().location]", "kind": "", "tags": {}, "dependsOn": [], "properties": { "name": "[variables('functionAppAppServicePlanName')]" }, "sku": { "Tier": "Dynamic", "Name": "Y1" } }, { "apiVersion": "2018-11-01", "type": "Microsoft.Web/sites", "name": "[parameters('functionAppName')]", "kind": "functionapp", "location": "[resourceGroup().location]", "tags": {}, "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]", "[resourceId('Microsoft.Web/serverfarms', variables('functionAppAppServicePlanName'))]", "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('functionAppManagedIdentityName'))]" ], "identity": { "type": "UserAssigned", "userAssignedIdentities": { "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('functionAppManagedIdentityName'))]": {} } }, "properties": { "name": "[parameters('functionAppName')]", "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('functionAppAppServicePlanName'))]", "clientAffinityEnabled": true, "httpsOnly": true, "siteConfig": { "minTlsVersion": "1.2", "ftpsState": "Disabled", "appSettings": [ { "name": "FUNCTIONS_EXTENSION_VERSION", "value": "~1" }, { "name": "FUNCTIONS_WORKER_RUNTIME", "value": "dotnet" }, { "name": "APPINSIGHTS_INSTRUMENTATIONKEY", "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2015-05-01').InstrumentationKey]" }, { "name": "AzureWebJobsStorage", "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageAccountName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName')), '2019-06-01').keys[0].value,';EndpointSuffix=','core.windows.net')]" }, { "name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING", "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageAccountName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName')), '2019-06-01').keys[0].value,';EndpointSuffix=','core.windows.net')]" }, { "name": "WEBSITE_CONTENTSHARE", "value": "[concat(toLower(parameters('functionAppName')), 'b91e')]" } ] } } }, { "apiVersion": "2018-11-01", "name": "[variables('webAppAppServicePlanName')]", "type": "Microsoft.Web/serverfarms", "location": "[resourceGroup().location]", "kind": "", "tags": {}, "dependsOn": [], "properties": { "name": "[variables('webAppAppServicePlanName')]" }, "sku": { "Name": "[parameters('webAppSkuCode')]" } }, { "apiVersion": "2018-11-01", "type": "Microsoft.Web/sites", "name": "[parameters('webAppName')]", "location": "[resourceGroup().location]", "tags": {}, "dependsOn": [ "[resourceId('Microsoft.Web/serverfarms', variables('webAppAppServicePlanName'))]", "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('webAppManagedIdentityName'))]" ], "identity": { "type": "UserAssigned", "userAssignedIdentities": { "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('webAppManagedIdentityName'))]": {} } }, "properties": { "name": "[parameters('webAppName')]", "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('webAppAppServicePlanName'))]", "clientAffinityEnabled": true, "httpsOnly": true, "siteConfig": { "alwaysOn": true, "minTlsVersion": "1.2", "ftpsState": "Disabled", "appSettings": [ { "name": "APPINSIGHTS_INSTRUMENTATIONKEY", "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2015-05-01').InstrumentationKey]" }, { "name": "APPLICATIONINSIGHTS_CONNECTION_STRING", "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2015-05-01').ConnectionString]" }, { "name": "ApplicationInsightsAgent_EXTENSION_VERSION", "value": "~2" }, { "name": "XDT_MicrosoftApplicationInsights_Mode", "value": "default" }, { "name": "DiagnosticServices_EXTENSION_VERSION", "value": "disabled" }, { "name": "APPINSIGHTS_PROFILERFEATURE_VERSION", "value": "disabled" }, { "name": "APPINSIGHTS_SNAPSHOTFEATURE_VERSION", "value": "disabled" }, { "name": "InstrumentationEngine_EXTENSION_VERSION", "value": "disabled" }, { "name": "SnapshotDebugger_EXTENSION_VERSION", "value": "disabled" }, { "name": "XDT_MicrosoftApplicationInsights_BaseExtensions", "value": "disabled" }, { "name": "ANCM_ADDITIONAL_ERROR_PAGE_LINK", "value": "[concat('https://', parameters('webAppName'), '.scm.azurewebsites.net/detectors')]" } ], "metadata": [ { "name": "CURRENT_STACK", "value": "dotnetcore" } ] } } } ], "outputs": {} } |